Kubernetes continues to shape the tech space with its flexibility and portability in container orchestration. With that growth has come an increasing need to connect, configure, and manage Kubernetes with other tools and resources of your choice, which in turn has led to more automation products, infrastructure, and features built to satisfy that need.
Terraform is one of the tools offering the best way to manage and configure Kubernetes. It is a popular and commonly used infrastructure-as-code product that includes a connector to Kubernetes, aptly called the Kubernetes provider.
Terraform, in comparison with other similar tools, stands out because of its ability to provision infrastructure using templates. The templates are created by describing the resources that you’ll have as your infrastructure before deploying it. With Terraform, you describe your infrastructure as code and Terraform subsequently handles the provisioning.
While Terraform allows you to script your infrastructure, other tools like Ansible are configuration management tools: they help automate the configuration of software and systems on infrastructure that has already been provisioned.
Having talked about the benefits of Terraform for Kubernetes, next, we’ll move on to learning a little more about how it works.
It is important to note that the Terraform Kubernetes provider does not build and deploy Kubernetes clusters; it requires the Kubernetes cluster to be running before it can be used. To understand a bit more about how the Terraform Kubernetes provider works, we’ll take a look at a use case.
The best way to work with the Terraform Kubernetes provider is to configure the provider by creating a namespace, then deploy the application in a pod, and finally expose the pod to the users as a service. To do all of this, you need to have your Kubernetes cluster up and running. We have explained the three steps below:
The first step in using the Terraform Kubernetes provider is configuration. To do that, we’re going to create a configuration file at ~/.kube/config. Then we’ll want to have the config contained in the Terraform instance, which we do via the code block below:
provider "kubernetes" {
  # Address of the cluster's API server (placeholder value)
  host = "https://0.0.0.0"
}
Terraform provisions a pod in which Kubernetes manages the containers. A pod usually contains one or more containers that are scheduled on cluster nodes based on the memory available.
Here, we’ll use Terraform to create our pod, while we expose port 80 to the users:
resource "kubernetes_pod" "example" {
  metadata {
    name = "example-test"
    # labels is a map attribute, so it is assigned with "=" (Terraform 0.12+)
    labels = {
      App = "example"
    }
  }
  spec {
    container {
      image = "example/http-echo:0.1.0"
      name  = "example-test"
      port {
        container_port = 80
      }
    }
  }
}
The next step after our pod is created is to expose it to users by provisioning a service. The service manages the relationship between the load balancer and the pod.
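resource "kubernetes_service" "example" {
  metadata {
    name = "example-test"
  }
  spec {
    # selector is a map attribute; it matches the App label set on the pod
    selector = {
      App = kubernetes_pod.example.metadata.0.labels.App
    }
    port {
      port        = 80
      target_port = 80
    }
    type = "LoadBalancer"
  }
}

output "load_balancer_ip" {
  # Attribute path for provider 1.x; provider 2.x exposes the address as
  # status.0.load_balancer.0.ingress.0.ip
  value = kubernetes_service.example.load_balancer_ingress.0.ip
}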
This Terraform configuration also specifies an output that prints the IP of the load balancer, which makes it easy for the operator to access it. The output is declared in addition to the service resource itself.
Having done all the necessary configurations, it’s imperative that we verify that everything we did actually works. We can verify that the application is running by using curl from the terminal:
$ curl -s $(terraform output load_balancer_ip)
Now open your favorite browser and enter the IP address. If everything worked as it should, you should see your welcome page.
Configurations passed into the container instances use config_map, which is not a good way to handle anything sensitive. If you need to have sensitive information, such as passwords, in your container instances, and you don’t want to expose it to the entire cluster, the Terraform Kubernetes provider has a resource called kubernetes_secret.
kubernetes_secret creates a secret resource (by default) and makes the resource available to any pod in that namespace.
resource "kubernetes_secret" "example" {
  metadata {
    name = "example-test"
  }
  data = {
    username = "admin"
    password = "GuessPassword"
  }
  type = "kubernetes.io/basic-auth"
}
An existing secret can then be imported into Terraform by running the command below in your terminal:
$ terraform import kubernetes_secret.example default/my-secret
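As an added example (not code from the original article), the same basic-auth secret can be declared without a literal password in the .tf file and handed to a single pod through secret_key_ref. The variable name basic_auth_password, the resource names and the BASIC_AUTH_* environment variable names are assumptions; the secret's data is still written to Terraform state, so the state backend needs encryption and access control.

```hcl
# Added example: assumes Terraform >= 0.14 (for `sensitive`) and an already
# configured kubernetes provider. All names below are illustrative.
variable "basic_auth_password" {
  type      = string
  sensitive = true # redacted in plan/apply output, still stored in state
}

resource "kubernetes_secret" "basic_auth" {
  metadata {
    name = "example-basic-auth"
  }
  type = "kubernetes.io/basic-auth"
  data = {
    username = "admin"
    password = var.basic_auth_password # no literal secret in version control
  }
}

resource "kubernetes_pod" "consumer" {
  metadata {
    name = "example-consumer"
  }
  spec {
    container {
      name  = "example-consumer"
      image = "example/http-echo:0.1.0"
      env {
        name = "BASIC_AUTH_USERNAME"
        value_from {
          secret_key_ref {
            name = kubernetes_secret.basic_auth.metadata.0.name
            key  = "username"
          }
        }
      }
      env {
        name = "BASIC_AUTH_PASSWORD"
        value_from {
          secret_key_ref {
            name = kubernetes_secret.basic_auth.metadata.0.name
            key  = "password"
          }
        }
      }
    }
  }
}
```

Supply the value through the TF_VAR_basic_auth_password environment variable or a secrets manager rather than a committed .tfvars file.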
Terraform can provision Storage and Persistent Volumes directly. The best practice, however, is to provision a Storage Class with Terraform (for all volumes) and leave the volumes to be managed by Kubernetes. This is also important for scalability and control.
Terraform makes it easy to manage Kubernetes clusters and Kubernetes resources effectively. It gives organizations the opportunity to work with infrastructure as code, to manage cloud platforms, and to create modules for self-service infrastructure. The Terraform Kubernetes provider gives organizations the tools necessary to manage Kubernetes clusters in their environment.
To learn more about Terraform Kubernetes Provider, take a look at this: Managing Kubernetes with Terraform.